Privacy data access groups configuration

When using the privacy methods activate the option and fill in the storage block with database settings for storing the private data:

privacy {
# Max parallel data crawling tasks
crawling-parallelism = 100

storage {
  vendor = none

  # for postgres vendor:
                    # schema = "public"
                    # migration-dir = "db/migration"
                    # profile = "slick.jdbc.PostgresProfile$"
                    # jdbc-config {
                    #   url = "jdbc:postgresql://postgres:5432/node-1"
                    #   driver = "org.postgresql.Driver"
                    #   user = postgres
                    #   password = wenterprise
                    #   connectionPool = HikariCP
                    #   connectionTimeout = 5000
                    #   connectionTestQuery = "SELECT 1"
                    #   queueSize = 10000
                    #   numThreads = 20
                    # }

                    # for s3 vendor:
                    # url = "http://localhost:9000/"
                    # bucket = "privacy"
                    # region = "aws-global"
                    # access-key-id = "minio"
                    # secret-access-key = "minio123"
                    # path-style-access-enabled = true
                    # connection-timeout = 30s
                    # connection-acquisition-timeout = 10s
                    # max-concurrency = 200
                    # read-timeout = 0s
}

cleaner {
  enabled: no

  # The amount of time between cleanups
  # interval: 10m

  # How many blocks the data hash transaction exists on the blockchain, after which it will be removed from cleaner monitoring
  # confirmation-blocks: 100

  # The maximum amount of time that a file can be stored without getting into the blockchain
  # pending-time: 72h
}
}

Parameters description

  • vendor - selecting a data storage option: s3 - cloud or local storage based on Amazon Simple Storage Service (S3), postgres - local storage based on PostgreSQL DB. A Minio server is used for the data storage.

PostgreSQL DB parameters:

  • url - the PostgreSQL DB address;

  • driver - the JDBC driver name;

  • profile - a profile name for the JDBC access;

  • user - a user name for the DB access;

  • password - a password for the DB access;

  • connectionPool - a connection pool name, default is HikariCP.

  • connectionTimeout - a connection timeout;

  • connectionTestQuery - a query name for the connection test;

  • queueSize - a requests queue size;

  • numThreads - a number of parallel connections;

  • schema - an interaction scheme;

  • migration-dir - a path to the data migration directory.

S3 parameters:

  • url - an address of the S3 server for data storage, Minio servers are supported;

  • bucket - a name of the S3 database table to store data;

  • region - the name of the S3 region, the parameter value is aws-global;

  • access-key-id - ID of the data access key;

  • secret-access-key - key for accessing data in S3 storage;

  • path-style-access-enabled = true - immutable parameter for specifying the path to the S3 table;

  • connection-timeout - a connection timeout;

  • connection-acquisition-timeout - a timeout to get a connection;

  • max-concurrency - a number of concurrent accesses to the storage;

  • read-timeout - data read timeout.

cleaner section

  • enabled - enable/disable periodic deletion of files that are not included in the blockchain;

  • interval - files cleaning interval;

  • confirmation-blocks - the time period in blocks for which a hash transaction of data exists in the blockchain, after which it will be deleted;

  • pending-time - the maximum period of time for which a file with data can be stored without getting into the blockchain.

Other parameters:

  • request-timeout - a waiting timeout for all responses from peers to a data request.

  • init-retry-delay - a delay from the receiving of the data hash to the start of its search among peers.

  • crawling-parallelism - a limitation of the maximum number of simultaneous processes in the synchronizer.

  • max-attempt-count - the maximum number of rounds for requesting data from peers after which data is considered “lost”.

  • lost-data-processing-delay - an interval of rounds of requests for “lost” data.

  • cache - responses cache settings.

DB PostgreSQL is using as a database for the confidential data storage. The database should be installed on the same machine with the node and should have an DB access account. You can use the PostgreSQL tutorial for download and install the database according with your operation system type.

During the installation the system will offer to create an access account. These credentials must be entered into the appropriate user/password parameters.

Specify the URL for the PostgreSQL connection into the url parameter. URL consists of:

  • POSTGRES_ADDRESS - a PostgreSQL host address;

  • POSTGRES_PORT - a PostgreSQL host port number;

  • POSTGRES_DB - a PostgreSQL name.

You can specify the PostgreSQL credentials with the URL in the same string. The example is represented bellow, where user=user_privacy_node_0@we-dev is a login, password=7nZL7Jr41qOWUHz5qKdypA&sslmode=require - a password with require option during the authorization.

Example

privacy.storage.url = "jdbc:postgresql://vostk-dev.postgres.database.azure.com:5432/privacy_node_0?user=user_privacy_node_0@we-dev&password=7nZL7Jr41qOWUHz5qKdypA&sslmode=require"